renaming the IIS metabase
From: Mike Dapkus (mdapkus@lycos.com)Date: 05/14/02
- Previous message: Gino Genari: "Bypassing Windows 2000 Domain Password settings"
- Next in thread: ROTTENBERG,HAL (HP-USA,ex1): "RE: renaming the IIS metabase"
- Reply: ROTTENBERG,HAL (HP-USA,ex1): "RE: renaming the IIS metabase"
- Reply: Bronek Kozicki: "Re: renaming the IIS metabase"
- Reply: Sam Wilson: "RE: renaming the IIS metabase"
- Reply: Kestas G: "Re: renaming the IIS metabase"
- Reply: Aleksander P. Czarnowski: "RE: renaming the IIS metabase"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: focus-ms@securityfocus.com Date: Tue, 14 May 2002 10:19:36 -0500 From: "Mike Dapkus" <mdapkus@lycos.com>
My client is considering renaming and/or moving the metabase on their IIS 5 servers, per the article at http://support.microsoft.com/default.aspx?scid=kb;EN-US;q321142. As the default NTFS permissions allow only the System and Administrators groups access to the metabase, I am curious to know if anyone else has done this, and if so, why? Has there ever been an IIS attack directly against the metabase (where moving or renaming would have prevented the attack)? What do you see as the benefits and/or drawbacks to doing this?
Thanks,
Mike D.
________________________________________________________
Outgrown your current e-mail service?
Get a 25MB Inbox, POP3 Access, No Ads and No Taglines with LYCOS MAIL PLUS.
http://login.mail.lycos.com/brandPage.shtml?pageId=plus
- Previous message: Gino Genari: "Bypassing Windows 2000 Domain Password settings"
- Next in thread: ROTTENBERG,HAL (HP-USA,ex1): "RE: renaming the IIS metabase"
- Reply: ROTTENBERG,HAL (HP-USA,ex1): "RE: renaming the IIS metabase"
- Reply: Bronek Kozicki: "Re: renaming the IIS metabase"
- Reply: Sam Wilson: "RE: renaming the IIS metabase"
- Reply: Kestas G: "Re: renaming the IIS metabase"
- Reply: Aleksander P. Czarnowski: "RE: renaming the IIS metabase"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
